For anyone who’s taken the time to view the about us section of Michael Talks Tech, they will see that I am currently in my final year of university. As a result Michael Talks Tech has had to take a step back due to the amount of work I am dealing with at the moment.

My current research focus is within the domain of malware; I felt this was the best move for me due to my background and general interests.

Narrowing down the broad spectrum that is malware to a specific focus has led me down the path of Keyloggers. I found this domain intriguing as it allowed for my research to cover Cyber Security and loosely link into a small amount of Social Engineering.

As part of my research I have also been developing methods to scan and search for keyloggers on a system; this has led me down the path of MD5 signatures. Although I am aware that the method of detecting malware using MD5 signatures is a slightly outdated method (in comparison to self-learning detection methods)

This further led me down the path of machine learning to detect malware using both MD5 signatures as well as the sandboxing method. Sandboxing is an interesting method to deploy as it requires the program to run the application in a ‘Sandbox’ environment and from there it will check the suspected application’s interactions with the operating system.

There is currently a prototype application in development aimed at detecting and removing malware applications. And as a result of all this I have been having to put Michael Talks Tech on the back burner as it was becoming almost a full-time job in regard to a number of the posts that I have done and the research required for them.

Hopefully in the new year I will be able to start posting regularly again, as it is something that I find both interesting and also fun to do. Stay posted for much more to come!

Last week reports emerged of the UK government confirming their suspicions of WannaCry being a state-sponsored attack involving North Korea.

Earlier this year, just after WannaCry came to prominence, I wrote an article, What is WannaCry, in which I speculated that, due to the nature and style of the attack, it did not appear to follow the traditional ransomware style. What I mean by this is, from the outset WannaCry was targeting and affecting core infrastructure as well as the public sector in the UK, resulting in WannaCry becoming somewhat of a disruption. As a rule, ransomware attackers aim to make the process of decrypting the data as smooth and straightforward for the victims as possible. This is likely due to them being after one thing, money. Mozilla conducted an investigation as part of their Online Life is Real Life podcast series, and from their investigation they rated ransomware customer services. This highlights how the process of ransomware cannot be too complicated, as it will reduce and limit their overall ability to collect the ransom.

But there are numerous articles floating around the web that indicate WannaCry made between $20,000 – $100,000. For an attack of this level that impacted hundreds of thousands of people it was a very poor take.
But the level of chaos and “denial of service” that WannaCry caused indicated to me that there was more to it than just the money. I am aware that in the traditional sense a denial of service or DDoS is targeting web services and flooding them with packets. But in this case WannaCry affected ATM machines as well as computers within hospitals, effectively denying service to them.

Of course the North Koreans released a statement to the effect of them having no involvement and that these accusations are nothing but wild speculation. But it is important to consider that this “speculation” was floating around from the beginning of WannaCry and was stated by a number of security research teams that looked into WannaCry. As well as this, the UK government would not make these accusations without a substantial level of evidence.

The North Koreans have in the past been accused of other attacks, mainly the attack on Sony. This attack was alleged to have happened due to the upcoming release of the movie The Interview.

Please let me know your views on the North Koreans’ involvement in WannaCry in the comments below.

Glasswire might just be your complete network monitoring and security tool, for both professional users and home users. I have found from use that it becomes an asset to your security policy, be that at work or home.

Glasswire is packed full of features that are designed to not only make your life easier, but also give you peace of mind that your computer is safe from malicious software such as remote keyloggers and Trojans. This proves evident when you consider the webcam and mic detection feature that will notify you if your webcam or mic is activated. And after the leaked documents from Edward Snowden, this concern is ever more prominent. The number of people you see with tape or a cover over their laptop’s webcam is not to be ignored. And rather than placing a sticker or tape over your webcam you could simply turn on the webcam and mic detection feature.

The webcam and mic detection feature can also be used in conjunction with the network monitor: if Glasswire detects the webcam is in use and you see suspicious network activity, you would be able to deduce that there could be a Trojan or other remote element on the PC. These features combined make Glasswire a force to be reckoned with in regard to preserving your privacy and preventing your system being compromised.

Have you ever wanted to know what or how many devices are connected to your WiFi network? Well, Glasswire has the solution. Under the network tab you can choose to scan your network and from there it will build a list of all of the devices connected to the network.

This will then let you label each device. The ability to label the devices is a nice touch considering in some households there could be as many as 4 iPhones that would all be identified by the same name. And by labeling all of your devices, each time you notice an unrecognised device on the network you will be able to carry out an investigation and remove any labeled device from the equation.

As well as this it also has a built-in firewall that can allow you to block or allow certain applications from accessing the outside world. This feature could be very useful if you notice some suspicious activity, and your first port of call could be to block its network access before investigating further. This could potentially save you a massive amount of trouble depending on the type of malware it is.


The user interface is warm and welcoming, and offers a few different skins so the user can add their own personal touch to it. And due to all of the options being very clear and easy to access, it is quick and smooth to navigate without having to jump through hoops to find certain elements of the application.

Glasswire does offer a free option, and for most users, that might be all they need. It will still allow you to monitor your data usage and see a visual representation of network activity.
But considering the ‘Basic’ option starts at $49, paying for the added features will not break the bank and in most cases will cover your average user who may just want to see what is connecting to their wireless network and see what is using data on their PC (this could be beneficial if on a metered internet plan).

The next package, the ‘Pro’, comes in at $99, but if you break that down at cost per computer it is only $33 a system. And bundle that with the remote monitoring ability and it could be ideal if you have a home server, or multiple devices that you wish to keep an eye on.
And finally there is the Elite version; this, I would imagine, is targeted at business uses due to the number of computers. But depending on your home setup it could be used at home, and with that many devices in the home a remote monitoring ability could save a huge amount of time, stress and worry.

To conclude, I personally feel that Glasswire takes ‘Cyber Space’ and gives the user a real-time visual representation that would otherwise remain hidden or hard to interpret. It offers the user a nice and smooth experience while also delivering the information in a manner that you do not have to be a network engineer to understand. And I would highly recommend it to anyone who is looking to bolster their security policy at home or work.